Document creation applications, such as word processing applications, spreadsheet applications, and presentation applications, sometimes provide a document encryption mechanism through which a user can provide a password that is used to encrypt a document to prevent unauthorized access to the information contained therein. The information contained in encrypted documents may, at some time or another, be needed by others who are not privy to the password. For instance, when a document is encrypted with a password created by an employee of a company and the employee leaves the company or simply forgets the password, nobody can access the document, which could contain critical and confidential company information such as human resources or financial information.
In an effort to enable decryption of an encrypted document without knowing a password, an escrow key mechanism can be used. An escrow key mechanism is a configurable mechanism to automatically add certificate-based decryption keys, called escrow keys, in password-protected documents. The escrow key mechanism enables password-protected documents to be decrypted using a certificate without requiring knowledge of the password so as to enable a document recovery scenario in instances such as described above.
Encrypted documents sometimes utilize a two-step system. For instance, each time a document is saved, a randomly generated secret key is used to encrypt the entire document. A password provided by the user is used to derive a second key, which is used to encrypt the secret key. The encrypted secret key may be stored in the document in the clear. To decrypt the document, the same key is derived from the user-entered password and is used to decrypt the secret key, which is then used to decrypt the document.
The escrow key mechanism works by encrypting the secret key using a public key configured for the document, which may or may not be contained in a certificate. The resulting encrypted secret key (i.e., the escrow key) is also added to the document, alongside the password-encrypted secret key. Anyone holding the corresponding private key can then decrypt the secret key, and hence the document. Because the secret key changes each time the document is saved, any existing escrow keys in the document need to be updated with the new secret key. The escrow key mechanism is not without vulnerabilities that attackers could exploit in seeking to gain access to a protected document.
It is with respect to these and other considerations that the disclosure made herein is presented.